WhatsApp has sued the Israeli company because it says it has used its messaging service to hijack phones and spy as many as 1,400 users around the world.
In lawsuits filed in California on Tuesday, WhatsApp – which is owned by Facebook – said the Israeli firm NSO used its messaging service to spy on targets between April and May 2019.
The hack was reported in May. WhatsApp announced at the time that a hack had taken place. It said it would contact affected customers individually with an adjusted message.
Now the company is looking for a court order that will prevent the company from using its service permanently. It now also publicly attributes the violation to NSO and shares details about how it happened alongside the goals.
Citizen Lab, a research agency with which it collaborated to investigate the infringement, published some of its findings.
WhatsApp sues the Israeli spyware company NSO and claims that it must be permanently blocked
It said there were at least 100 cases of journalists or human rights activists targeted in 20 different countries, including Africa, Asia, Europe, the Middle East and North America.
The infringement occurred after NSO was taken over by Novalpina Capital, a private equity group based in London. Citizen says its purpose was & # 39; ongoing public relations campaign to promote the story that the new property would curb abuse & # 39 ;.
WhatsApp asks that NSO, which sells spyware to governments, must be blacklisted internationally.
& # 39; NSO Group claims that it sells its spyware exclusively to government customers, and all its exports are made in accordance with Israeli government laws and oversight mechanisms.
& # 39; However, the number of cases where their technology is used to reach members of civil society continues to grow.
& # 39; Although the technology is being marketed as a tool to help governments with lawful investigations into crime and terrorism, Citizen Lab has identified dozens of cases where journalists, human rights defenders and defenders, lawyers and political opposition groups have been targeted & # 39 ;
The vehicle for the attack was Pegasus, is & # 39; one of the most advanced spyware on the market and can infiltrate both iOS and Android devices & # 39 ;.
According to WhatsApp, NSO came via Pegasus, the & # 39; flagship & # 39; spyware, on people's phone
NSO targeted WhatsApp users through its video call function. They didn't have to pick up the phone to be exploited. Above is an example that was shared by Citizen Lab, the research agency with which it collaborated to prepare a report on the May 2019 infringement
The offices of the NSO group in Israel. It has not yet responded to the complaint
& # 39; To monitor a goal, a Pegasus operator uses multiple vectors and tactics, including zero-day exploits and deception, to invade security features in popular operating systems and silently install Pegasus without the knowledge or consent of the user & # 39 ;, says Citizen Lab.
In this case, they received video call requests via WhatsApp.
WhatsApp said earlier that affected users didn't even have to answer calls from unknown numbers in order to work.
Once installed, Pegasus was able to retrieve & # 39; remotely and stealthily valuable information from virtually any mobile device & # 39 ;, said the lawsuit.
The case was filed on Tuesday at the US court in the northern district of California.
In an accompanying statement, a WhatsApp spokesperson said: & # 39; This is the first time an encrypted message provider is taking legal action against a private entity that has carried out such attacks on its users.
& # 39; In our complaint we explain how NSO carried out this attack, including the recognition of an NSO employee that our steps to remedy the attack were effective.
& # 39; We are looking for a permanent injunction prohibiting NSO from using our service. & # 39;
NSO has not yet responded to the complaint. WhatsApp claims it has violated California law and its Terms of Service.
. [TagsToTranslate] Dailymail